That controversial feature matches the faces in photos posted to Facebook with users, making it easier for Facebook users to identify individuals pictured in photographs they upload to the site.

The DPC was charged with reviewing Facebook’s privacy practices to determine whether they were in-line with EU data privacy laws. An audit completed by the agency in December, 2011, recommended 45 changes to the social network’s features to improve user privacy protections.

The audit followed a public uproar after an Austrian student, Max Schrems, requested a copy of the data that Facebook stored about him.

Schrems received a 1,200 page document that suggested the company was collecting awide range of information about users without their consent, and holding onto information – photos and comments – that users had been led to believe were deleted.

Among the data retained by Facebook were photo tags – many attributed without the subject’s consent using automated facial recognition technology embedded in Facebook's service.

That feature, dubbed "Tag Suggest" came under scrutiny in the DPC audit, with the Irish agency arguing that Facebook needed to give users the option of opting out of the Tag Suggest feature.

During negotiations, the European Commission further issued Article 29, a ruling on the use of facial recognition and other biometric technology in mobile devices.

During negotiations with the DPC, Facebook disabled the feature for EU users.

In a report issued Friday, the DPC said that Facebook had relented on Tag Suggest: adding prominent notices to users about the feature and giving them the option of easily disabling use of it with their facial profile. Further, the DPC asked Facebook to delete collected facial profiles on EU users by October 15.

The 74 page report, signed by DPC Deputy Commissioner Gary Davis, found that Facebook had largely complied with the DPC’s recommendations on a range of issues: making its privacy policies more transparent, limiting the extent to which user-generated data can be used in targeted advertising and making it easier for users to permanently delete data such as tags, wall posts, friend requests and pokes from the network.

A statement given by the social network to TechCrunch makes clear that it's unlikely to be long before facial recognition returns for European users, with agreement from European regulators:

"It's worth us reiterating that once we have a agreed an approach on the best way to notify and educate users with the DPC, we hope to bring back this useful tool."

Meanwhile, German regulators have demanded that Facebook complies with laws in the country, and can only create and store biometric profiles (such as those used by its facial recognition feature) with the consent of users:

"The company has to make sure that biometric profiles of its already registered users will only be created and stored with their active consent. Additionally, users have to be informed about risks of the practice in advance."

Facebook has run afoul of privacy advocates in both the United States and the European Union before, of course.

In November, 2011, the social network reached a settlement with the US Federal Trade Commission over charges that it deceived users about how data they stored on Facebook’s servers would be shared and made public.

That settlement also required Facebook to make its data sharing practices more transparent to users.

However, the EU generally has stronger consumer protections than the US and regulators there were wary of a number of practices, including how data might be shared between applications running on Facebook’s platform.

In its agreement with the EU, Facebook – in almost every case – agreed to comply with EU best practices, at least for data held about EU customers.

Facebook sucks! Thats why i have allmost nothing on my profile.I can't beleve some of the personal info. that some people trust Facebook with.And most of my settings are set to only me or no one.That's all they need to no.

I do not like the facial recognition,I feel its an invasion and ignore it/refuse to use it when I post.
I also feel that when a user deletes something it should be deleted "GONE FOREVER" not kept by facebook or any other internet media.
I feel facebook has gotten too big for their britches.
it is impossible to contact them/dispute anything with them, if you are accused of doing something bad they not only will not show you what you are accused of doing they will not even discuss it with you.I had a facebook disabled for supposedly sending spam Which I nor any of my friends or family have a clue what spam I sent. to best of my knowledge I never sent spam to anyone, I did not even send game requests to everyone, just to those friends that played that game.
what has been done with all my pictures/notes etc?

So do i qualify if i'm a german national living outside Germany? Does having my location set as Germany (though i'm not) make me qualify for this modification? Or, because my IP isn't european at the moment, do I not qualify?

"It's worth us reiterating that once we have a agreed an approach on the best way to notify and educate users with the DPC, we hope to bring back this useful tool."

Yeah? Useful to whom? Does anyone actually buy that weasel-speak?

I got so fed up with Facebook changing the terms of the deal to their benefit and to my detriment that I finally just dumped it. The fact that so many people still behave as though life without Facebook is inconceivable -- even in the light of FB's continual abuses of their privacy -- is a mystery that defies penetration by the rational mind.

About the author

Paul is a Boston-based reporter and industry analyst with more than a decade of experience covering the IT industry, cyber security and hacking. His work has appeared on threatpost.com, The Boston Globe, salon.com, NPR's Marketplace, Fortune Small Business, as well as industry publications including ZDNet, Computerworld, InfoWorld, eWeek, CIO , CSO and ITWorld.com. Paul got his 15 minutes as an expert guest on The Oprah Show - but that's a long story.